Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/Lg2bFr4FoqRQtNTCJVH3DHttG8w.roa
File: Lg2bFr4FoqRQtNTCJVH3DHttG8w.roa (raw, json)
Hash identifier: iQoinIWsg7LASWB1oqXt9FBOTUIiDFVJvHlMM7xVFHs=
Subject key identifier: 2E:0D:9B:16:BE:05:A2:A4:50:B4:D4:C2:25:51:F7:0C:7B:6D:1B:CC
Certificate issuer: /CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Certificate serial: 03DC9CA9
Authority key identifier: E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/Lg2bFr4FoqRQtNTCJVH3DHttG8w.roa
Signing time: Thu 10 Feb 2022 12:39:12 +0000
ROA not before: Thu 10 Feb 2022 12:39:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 45.149.154.0/24 maxlen: 24
45.149.153.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64789673 (0x3dc9ca9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e795c9617ca5a6a3bff263fc1837992fd1ac47f2
Validity
Not Before: Feb 10 12:39:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e0d9b16be05a2a450b4d4c22551f70c7b6d1bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fa:e8:3b:7d:ea:0e:46:f4:4d:84:fe:cb:99:
bb:f4:0b:fd:a3:32:24:26:aa:9d:2e:d2:d8:e0:0e:
53:bf:53:03:02:fb:f9:0c:cb:ea:22:37:6b:d3:fb:
b4:0f:93:ec:34:2e:e0:73:c9:f0:92:26:93:5a:ba:
ac:1e:ea:45:c2:e7:6d:9f:1a:cd:8f:0c:78:d5:69:
79:a5:b4:15:9b:7f:9f:3f:e6:3e:af:6b:39:65:59:
4f:06:02:49:11:e1:93:93:93:d2:c3:8b:08:70:96:
f3:69:f2:f5:09:32:34:53:57:ab:ee:ee:0b:f0:7d:
c3:2d:63:79:a3:34:a3:d4:95:f3:38:99:cd:5d:86:
1b:2b:5b:0a:7b:e3:fa:8d:26:8e:ec:52:b4:98:e2:
2a:e4:6e:aa:66:28:7b:20:f5:6e:23:58:3c:87:5f:
c2:17:cb:ae:d8:7c:f4:5b:26:53:ff:72:4e:f3:29:
c8:8c:a9:8e:cd:26:d9:64:30:40:a0:eb:9c:35:5e:
6f:8a:34:cf:22:a9:19:af:0d:19:74:e7:e8:ff:b2:
45:02:77:bc:66:a3:eb:9f:79:27:ca:6d:32:fb:2b:
36:5f:0f:a8:69:8a:19:5b:d5:b0:c8:93:e1:35:b7:
3f:76:a6:7c:ae:aa:2e:72:59:bc:fe:36:3d:c3:23:
18:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:0D:9B:16:BE:05:A2:A4:50:B4:D4:C2:25:51:F7:0C:7B:6D:1B:CC
X509v3 Authority Key Identifier:
keyid:E7:95:C9:61:7C:A5:A6:A3:BF:F2:63:FC:18:37:99:2F:D1:AC:47:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/55XJYXylpqO_8mP8GDeZL9GsR_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/Lg2bFr4FoqRQtNTCJVH3DHttG8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/986dde-5f68-4c21-b546-d540df886bab/1/55XJYXylpqO_8mP8GDeZL9GsR_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.153.0-45.149.154.255
Signature Algorithm: sha256WithRSAEncryption
5d:4e:13:bc:51:c4:50:65:29:4b:df:3a:37:d3:d2:00:b2:5d:
85:f8:6e:b1:f2:22:26:1e:38:74:2f:b2:e6:34:40:eb:88:f4:
ef:b3:12:12:04:22:43:8c:1a:05:f6:b3:a3:95:87:7c:e0:de:
2a:ca:e8:66:84:02:14:72:dd:7c:60:04:f2:a8:f3:37:16:dc:
5d:46:bb:c9:79:05:c5:d8:95:4d:19:4c:f7:94:1e:92:7e:15:
88:e6:ad:35:06:8c:91:94:e5:0f:a0:6c:e6:b3:42:f7:4b:30:
6f:b4:c0:72:9b:59:b2:57:62:90:89:47:0a:ed:71:52:c3:0f:
d0:2c:7f:8b:b7:fc:c9:33:1b:99:8c:32:27:e4:29:f0:a5:e5:
a5:e9:a0:fa:10:67:e1:1a:af:1f:fe:63:56:4a:6b:7d:48:15:
b8:5f:fc:5a:b0:d5:26:8a:f2:4f:cd:9d:46:19:b6:80:75:da:
92:7e:4c:af:f5:11:e2:06:46:20:2c:68:6b:43:da:dc:26:50:
bf:de:5c:f9:7a:31:21:af:9d:27:2f:63:5f:8d:9d:cd:28:92:
f5:97:aa:f7:d9:b0:77:ad:a2:03:ce:57:c4:e5:0d:78:8e:db:
c1:02:f7:5f:37:ee:a3:8b:d5:03:c2:17:5d:3f:e4:e4:86:a9:
e1:1c:44:2c
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEA9ycqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Nzk1Yzk2MTdjYTVhNmEzYmZmMjYzZmMxODM3OTkyZmQxYWM0N2YyMB4XDTIyMDIx
MDEyMzkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUwZDliMTZiZTA1
YTJhNDUwYjRkNGMyMjU1MWY3MGM3YjZkMWJjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKr66Dt96g5G9E2E/suZu/QL/aMyJCaqnS7S2OAOU79TAwL7
+QzL6iI3a9P7tA+T7DQu4HPJ8JImk1q6rB7qRcLnbZ8azY8MeNVpeaW0FZt/nz/m
Pq9rOWVZTwYCSRHhk5OT0sOLCHCW82ny9QkyNFNXq+7uC/B9wy1jeaM0o9SV8ziZ
zV2GGytbCnvj+o0mjuxStJjiKuRuqmYoeyD1biNYPIdfwhfLrth89FsmU/9yTvMp
yIypjs0m2WQwQKDrnDVeb4o0zyKpGa8NGXTn6P+yRQJ3vGaj6595J8ptMvsrNl8P
qGmKGVvVsMiT4TW3P3amfK6qLnJZvP42PcMjGPsCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQuDZsWvgWipFC01MIlUfcMe20bzDAfBgNVHSMEGDAWgBTnlclhfKWmo7/y
Y/wYN5kv0axH8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU1WEpZWHlscHFPXzhtUDhHRGVaTDlHc1JfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvOTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8x
L0xnMmJGcjRGb3FSUXROVENKVkgzREh0dEc4dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
OTg2ZGRlLTVmNjgtNGMyMS1iNTQ2LWQ1NDBkZjg4NmJhYi8xLzU1WEpZWHlscHFP
XzhtUDhHRGVaTDlHc1JfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQALZWZAwQALZWaMA0GCSqGSIb3
DQEBCwUAA4IBAQBdThO8UcRQZSlL3zo309IAsl2F+G6x8iImHjh0L7LmNEDriPTv
sxISBCJDjBoF9rOjlYd84N4qyuhmhAIUct18YATyqPM3FtxdRrvJeQXF2JVNGUz3
lB6SfhWI5q01BoyRlOUPoGzms0L3SzBvtMBym1myV2KQiUcK7XFSww/QLH+Lt/zJ
MxuZjDIn5CnwpeWl6aD6EGfhGq8f/mNWSmt9SBW4X/xasNUmivJPzZ1GGbaAddqS
fkyv9RHiBkYgLGhrQ9rcJlC/3lz5ejEhr50nL2NfjZ3NKJL1l6r32bB3raIDzlfE
5Q14jtvBAvdfN+6ji9UDwhddP+TkhqnhHEQs
-----END CERTIFICATE-----
Generated at Tue Apr 15 13:45:30 2025 by rpki-client